[Free] 2019(Nov) EnsurePass Palo Alto Networks PCNSE Dumps with VCE and PDF 11-20

Get Full Version of the Exam

Question No.11

An administrator is using Panorama and multiple Palo Alto Networks NGFWs. After upgrading all devices to the latest PAN-OS?software, the administrator enables log forwarding from the firewalls to PanoramA. Pre-existing logs from the firewalls are not appearing in PanoramA. Which action would enable the firewalls to send their pre-existing logs to Panorama?

  1. Use the import option to pull logs into PanoramA.

  2. A CLI command will forward the pre-existing logs to PanoramA.

  3. Use the ACC to consolidate pre-existing logs.

  4. The log database will need to exported form the firewalls and manually imported into PanoramA.

Correct Answer: B

Question No.12

Which two features does PAN-OS?software use to identify applications? (Choose two)

  1. port number

  2. session number

  3. transaction characteristics

  4. application layer payload

Correct Answer: CD

Question No.13

If the firewall is configured for credential phishing prevention using the quot;Domain Credential Filterquot; method, which login will be detected as credential theft?

  1. Mapping to the IP address of the logged-in user.

  2. First four letters of the username matching any valid corporate username.

  3. Using the same user#39;s corporate username and password.

  4. Marching any valid corporate username.

    Correct Answer: A


    https://www.paloaltonetworks.com/documentation/80/pan-os/newfeaturesguide/content- inspection-features/credential-phishing-prevention

    Question No.14

    Which is the maximum number of samples that can be submitted to WildFire per day, based on wildfire subscription?









    Correct Answer: B

    Question No.15

    Which three firewall states are valid? (Choose three)

    1. Suspended

    2. Passive

    3. Active

    4. Pending

    5. Functional

Correct Answer: ABC

Question No.16

A web server is hosted in the DMZ, and the server is configured to listen for incoming connections only on TCP port 8080. A Security policy rule allowing access from the Trustzone to the DMZ zone need to be configured to enable we browsing access to the server. Which application and service need to be configured to allow only cleartext web-browsing traffic to thins server on tcp/8080.

  1. application: web-browsing; service:application-default

  2. application: web-browsing; service: service-https

  3. application: ssl; service: any

  4. application: web-browsing; service: (custom with destination TCP port 8080)

Correct Answer: A

Question No.17

Which three file types can be forwarded to WildFire for analysis as a part of the basic WildFire service? (Choose three.)

  1. .dll

  2. .exe

  3. .src

  4. .apk

  5. .pdf

  6. .jar

Correct Answer: DEF


https://www.paloaltonetworks.com/documentation/80/wildfire/wf_admin/wildfire-overview/wildfire- file-type-support

Question No.18

Which virtual router feature determines if a specific destination IP address is reachable?

  1. Heartbeat Monitoring

  2. Failover

  3. Path Monitoring

  4. Ping-Path

Correct Answer: C



Question No.19

Which item enables a firewall administrator to see details about traffic that is currently active through the NGFW?

  1. ACC

  2. System Logs

  3. App Scope

  4. Session Browser

Correct Answer: D

Question No.20

Which Panorama administrator types require the configuration of atleast one access domain? (Choose two)

  1. Dynamic

  2. Custom Panorama Admin

  3. Role Based

  4. Device Group

  5. Template Admin

Correct Answer: DE

Get Full Version of the Exam